leo-stone / hack-petya

search key to restore petya encrypted mft
The Unlicense

New Petya! Help! #12

Open orangesystemspro opened 7 years ago

orangesystemspro commented 7 years ago

Hello! I think the new Petya has different data locations, or the hex is encrypted. Here is sector 54 of the new Petya:  (old Petya: Ф2cИЋ‚ )

55 sector of new petya:

old petya:

Please help!

orangesystemspro commented 7 years ago

Photo of new petya

https://imagecdn3.luxnet.ua/tv24/resources/photos/news/610x344_DIR/201706/835231.jpg?201706001103

benaubin commented 7 years ago

I'm sorry to tell you, but new Petya isn't ransomware. Even paying won't get your data back. Use this as a lesson to take backups from now on, I guess.

https://www.theverge.com/2017/6/28/15887496/petya-virus-not-actually-ransomware-analysis-shows

orangesystemspro commented 7 years ago

It is ransomware! Because when their mail was not blocked, we bought 1 key - and received a key that worked!

benaubin commented 7 years ago

Ok then. Wait was "x?x?x?x?x?x?x?x?" literally your key?

On Thu, Jun 29, 2017 at 9:23 AM orangesystemspro notifications@github.com wrote:

> It is ransomware! Because when their mail was not blocked, we bought 1 key - and receive key that worked! key was: x?x?x?x?x?x?x?x?


orangesystemspro commented 7 years ago

I can write the key, but I won't, because the hackers will identify me by the key.

benaubin commented 7 years ago

That's really surprising that it worked.

On Thu, Jun 29, 2017 at 9:37 AM orangesystemspro notifications@github.com wrote:

> it was larger than previous key x2 (32bytes)


benaubin commented 7 years ago

I don't know if it will be as vulnerable, though.

orangesystemspro commented 7 years ago

Actual information! 1Mz7153HMuxXTuR2R1t78mGSdzaAtNbBWX - this is the BTC wallet where we paid

2afc76af-5cc2-11e7-a303-881032d40cc6 - the key we bought; they sent it to us, and it worked (all files were decrypted)

benaubin commented 7 years ago

I'm not the maintainer - just trying to get some information to make it easier for someone to work on it if they want.

orangesystemspro commented 7 years ago

File we sent http://savepic.ru/14682284.jpg